package com.cskaoyan.config;

import com.cskaoyan.realm.AdminRealm;
import com.cskaoyan.realm.MobileRealm;
import com.cskaoyan.realm.WxRealm;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.ArrayList;

/**
 * @author LiaoLong
 * @date 2021-05-11 15:22
 */
@Configuration
public class ShiroConfig {

    @Autowired
    private ShiroProperties shiroProperties;
    private final static long PER_MINUTE = 1000 * 60;
    private final static long SESSION_TIME_OUT = 10 * PER_MINUTE;
    /*
    配置过滤器
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager securityManager){
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        // 认证失败后重定向的url
        shiroFilterFactoryBean.setLoginUrl("/401");
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        shiroFilterFactoryBean.setFilterChainDefinitionMap(shiroProperties.getFilterChainDefinitionMap());
        return shiroFilterFactoryBean;
    }

    /*
    核心组件
     */
    @Bean
    public DefaultWebSecurityManager securityManager(CustomAuthenticator authenticator, AdminRealm adminRealm, WxRealm wxRealm, MobileRealm mobileRealm){
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setAuthenticator(authenticator);
        ArrayList<Realm> realms = new ArrayList<>();
        realms.add(adminRealm);
        realms.add(wxRealm);
        realms.add(mobileRealm);
        securityManager.setRealms(realms);
        // securityManager
        // 告诉manager自定义的sessionManager
        securityManager.setSessionManager(webSessionManager());
        return securityManager;
    }

    /*
        声明式鉴权  注解需要的组件
     */
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager securityManager){
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
    }

    /*
    管理session
     */
    @Bean
    public DefaultWebSessionManager webSessionManager(){
        CustomSessionManager customSessionManager = new CustomSessionManager();
        // 配置session过期时间
        customSessionManager.setGlobalSessionTimeout(SESSION_TIME_OUT);
        return customSessionManager;
    }

    /*
    自定义的realm分发器
     */
    @Bean
    public CustomAuthenticator authenticator(AdminRealm adminRealm, WxRealm wxRealm){
        CustomAuthenticator customAuthenticator = new CustomAuthenticator();
        return customAuthenticator;
    }
}
